How to install Kubernetes v1.10.11 on a GCP cluster? - kubernetes

There was recently a Kubernetes security hole that was patched in v1.10.11 (among other versions), so I would like to upgrade to that version. I am currently on v1.10.9. However, when running the command gcloud container get-server-config to get the list of valid node versions, v1.10.11 doesn't show up. Instead, it jumps straight from v1.10.9 to v1.11.2.
Does anyone have any idea why I cannot seem to use the usual gcloud container clusters upgrade [CLUSTER_NAME] --cluster-version [CLUSTER_VERSION] to upgrade to this version?
Thanks in advance!

Based on:
https://cloud.google.com/kubernetes-engine/docs/security-bulletins#december-3-2018
If you have Kubernetes in v1.10.9 you should (to patch this security hole) update your GKE Cluster to 1.10.9-gke.5.
The following Kubernetes versions are now available for new clusters and for opt-in master upgrades for existing clusters:
1.9.7-gke.11,
1.10.6-gke.11,
1.10.7-gke.11,
1.10.9-gke.5,
1.11.2-gke.18
Please validate your Scheduled master auto-upgrades option in GKE.
If it's enabled, your cluster masters were auto-upgraded by Google, and the next possible version to update to is a later version, so v1.11.2, which is what GKE is showing you.
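A way to check a cluster's version string against the builds quoted in the answer above, as an added example that is not part of the original answer. The function name and status words are assumptions made for illustration; only the version list comes from the page, and any upstream release missing from that list is reported as unknown rather than guessed.

```shell
#!/bin/sh
# Patched builds exactly as quoted from the December 3, 2018 bulletin above.
PATCHED_BUILDS="1.9.7-gke.11 1.10.6-gke.11 1.10.7-gke.11 1.10.9-gke.5 1.11.2-gke.18"

# gke_patch_status VERSION  (hypothetical helper)
# Prints: patched | needs-upgrade | unknown | incomplete | invalid
# A real value can be read with:
#   gcloud container clusters describe NAME --zone ZONE \
#       --format='value(currentMasterVersion)'
gke_patch_status() {
    ver=${1#v}                       # accept "v1.10.9-gke.3" as well
    case $ver in
        *-gke.*) ;;
        *) echo incomplete; return 0 ;;   # bare upstream version, no GKE build
    esac
    base=${ver%-gke.*}               # upstream release, e.g. 1.10.9
    build=${ver##*-gke.}             # GKE build number, e.g. 3
    case $build in
        ''|*[!0-9]*) echo invalid; return 0 ;;
    esac
    for p in $PATCHED_BUILDS; do
        if [ "${p%-gke.*}" = "$base" ]; then
            # Same upstream release: only the -gke.N build decides.
            if [ "$build" -ge "${p##*-gke.}" ]; then
                echo patched
            else
                echo needs-upgrade
            fi
            return 0
        fi
    done
    echo unknown                     # release not in the quoted list
}

# Constructed sample versions, not taken from a real cluster.
for v in 1.10.9-gke.3 1.10.9-gke.5 1.10.9 1.10.11-gke.1; do
    printf '%-16s %s\n' "$v" "$(gke_patch_status "$v")"
done
```

The bare `1.10.9` case shows why the upstream number alone cannot answer the question: the fix ships as a GKE build of 1.10.9, not as a 1.10.11 release.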

Related

Create a cluster in EKS in an unsupported version

I want to create a cluster under EKS in a version that recently got deprecated, 1.15, to test something version specific.
My command below is failing:
eksctl create cluster --name playgroundkubernetes --region us-east-1 --version 1.15 --nodegroup-name standard-workers --node-type t2.medium --managed
Is there a workaround where I can create a cluster in version 1.15?
No, it's not possible to create a brand new EKS cluster with a deprecated version. The only option would be to deploy your own cluster (DIY) with something like KOPS or the like.
In addition to mreferre's comment, if you're trying to just create a Kubernetes cluster and don't need it to be in AWS, you could use Kind (https://kind.sigs.k8s.io/docs/user/quick-start/) or similar to create something much more quickly and probably more cheaply.

GKE - Upgrading cluster master after cluster creation completes

Once we increase load by using the JMeter client, my deployed service is interrupted, and the GCP/GKE console says:
Upgrading cluster master
The values shown below are going to change soon.
And my kubectl client throws this error during the upgrade:
Unable to connect to the server: dial tcp 35.236.238.66:443: connectex: No connection could be made because the target machine actively refused it.
How can I stop this upgrade or prevent my service interruption? If the service will be interrupted, then there is no benefit to this auto scaling. I am new to GKE, please let me know if I am missing any configuration or parameter here.
I am using this command to create my cluster:
gcloud container clusters create ajeet-gke --zone us-east4-b --node-locations us-east4-b --machine-type n1-standard-8 --num-nodes 1 --enable-autoscaling --min-nodes 4 --max-nodes 16
It is not upgrading the k8s version, because it works fine with a smaller load, but as I increase the load the cluster starts an upgrade of the master. So it looks like the master is resizing itself for more nodes. After the upgrade I can see more nodes on the GCP console. https://github.com/terraform-providers/terraform-provider-google/issues/3385
The command below says auto scaling is not enabled on the instance group.
> gcloud compute instance-groups managed list
NAME                                  AUTOSCALED  LOCATION    SCOPE  ---
ajeet-gke-cluster-default-pool-4***0  no          us-east4-b  zone   ---
Workaround
Sorry, I forgot to update it here. I found a workaround to fix it: after splitting the cluster creation command into two steps, the cluster is auto scaling without restarting the master node:
gcloud container clusters create ajeet-ggs --zone us-east4-b --node-locations us-east4-b --machine-type n1-standard-8 --num-nodes 1
gcloud container clusters update ajeet-ggs --enable-autoscaling --min-nodes 1 --max-nodes 10 --zone us-east4-b --node-pool default-pool
To prevent this, you should always create your cluster with the cluster version hardcoded to the last version available.
See the documentation: https://cloud.google.com/kubernetes-engine/docs/concepts/cluster-architecture#master
This means that Google is managing the master, meaning that if your master is not up to date it will be updated to the last version, which allows Google to limit the number of versions currently managed. https://cloud.google.com/kubernetes-engine/docs/concepts/regional-clusters
Now, why do you have an interruption of service during the update? Because you are in zonal mode with only one master. To prevent this, you should go to regional cluster mode with more than one master, allowing for a clean rolling update.
The master won't resize the node, unless the autoscaling feature is enabled in it.
As mentioned in the above answer, this is a feature at the node-pool level. Looking at the description of the issue, it does seem like 'autoscaling' is enabled on your node-pool, and GKE's cluster autoscaler automatically resizes clusters based on the demands of the workloads you want to run (i.e. when there are pods that cannot be scheduled due to resource shortages such as CPU).
Additionally, Kubernetes cluster autoscaling does not use the Managed Instance Group autoscaler. It runs a cluster-autoscaler controller on the Kubernetes master that uses Kubernetes-specific signals to scale your nodes.
It is therefore highly recommended not to use (or rely on the autoscaling status shown by MIG) Compute Engine's autoscaling feature on instance groups created by Kubernetes Engine.

Unable to create k8s 1.10 cluster on GKE (us-east1-d)

gcloud container clusters create --cluster-version 1.10 --zone us-east1-d ... returns with the error message ERROR: (gcloud.container.clusters.create) ResponseError: code=400, message=No valid versions with the prefix "1.10" found..
The GKE release notes, https://cloud.google.com/kubernetes-engine/release-notes#february-11-2019, indicate that the specific Kubernetes version is still supported.
Does anyone know what's going on?
The syntax you are using looks correct, but support for k8s 1.10 is being phased out on GKE, as per the GKE release notes entry of February 11, 2019:
Coming soon
We expect the following changes in the coming weeks. This information is not a guarantee, but is provided to help you plan for upcoming changes.
25% of the upgrades from 1.10 to 1.11.6-gke.2 will be complete.
Version 1.11.6-gke.8 will be made available.
Version 1.10 will be made unavailable.
Have you tried with the full version, say 1.10.12-gke.7?
gcloud container clusters create --cluster-version 1.10.12-gke.7 --zone us-east1-d ...
Alternatively, use 1.11, because it looks like GKE is moving that way anyhow.

Google Cloud Kubernetes Engine troubleshooting

Is anyone experiencing issues with the Google Kubernetes Engine (specifically in the us-central1-b region, April 3rd 11pm EST)?
I'm not able to see my workload or any of my cluster configurations in the Google Kubernetes Engine section. It is intermittent (one minute it is there, then it disappears).
I also can't connect to the Kubernetes section of the Google Cloud Console to check on my pods!
No information of any issues as far as I can see. Could have been a network connection issue on your side, please check.
It appears to me that this is some issue with getting metadata from the cluster. You could check the following to help you troubleshoot or see if there are any underlying problems:
$ docker info
$ docker version
$ kubectl version
$ gcloud container clusters describe <your-cluster-name> --zone <your-cluster-zone>
$ kubectl get componentstatuses

How to update kubernetes cluster

I am working with Kube-Aws by CoreOS to generate a CloudFormation script and deploy it as part of my stack.
I would like to upgrade my Kubernetes cluster to a newer version.
I don't mind creating a new cluster, but what I do mind is recreating all the deployments/services etc...
Is there any way to take the configuration and replace/transfer it to the new cluster? Maybe copy the entire etcd data? Will that help?
Use kubectl get --export=true on all the resources that you want to move into a new cluster and then restore them that way.
kubectl get <pods,services,deployments,whatever> --export=true --all-namespaces=true